To what end? They don't accrue any reputation. And how often do you think this is happening? How exactly is this a "huge problem"?
– jonrsharpeMay 15 '17 at 18:53

7

@jonrsharpe It's not about accruing reputation, it practically ruins the point of comment upvoting. Users with a lot of upvotes can appear more genuine, so this can disrupt discussions. Unless, for some reason, you think allowing people to upvote comments infinitely many times can have a positive effect.
– Sir CumferenceMay 15 '17 at 18:56

@jonrsharpe How can I have evidence? They will be anonymous. The problem is that, whether or not it's common, it has the potential to be very disruptive. Not to mention, users who have over 200 rep on one site can comment on any other site.
– Sir CumferenceMay 15 '17 at 19:01

3

I'm not sure I see why this is a huge problem as you call it? This would take a lot of effort by someone to vote on what is basically second-class content that could be deleted at any time.
– Taryn♦May 15 '17 at 19:01

3

@jonrsharpe Are you serious? I never said this is happening to me. I said that this can potentially cause problems. Scroll up and re-read what I wrote.
– Sir CumferenceMay 15 '17 at 19:04

3

Potentially? We don't prevent potential problems - we fix/deal with actual problem as and when they arise.
– OdedMay 15 '17 at 19:05

2

You said "This is a huge problem" - if it's not happening, how is that the case? I disagree with your premise on multiple levels.
– jonrsharpeMay 15 '17 at 19:05

6

I think some of you are missing the point of this post. OP has found a presumably unknown flaw to the system that allows egocentric and megalomaniac users validate themselves and disrupt the normal mechanics of standard discussions. I'm glad that most of you didn't have to deal with this kind of users, but let me tell you that they exist, and if something can be done to stand in their way and make it more difficult for them to do that, well, I think it should be done. It doesn't make sense not to. Huge problem, maybe not. Something for developers to bear in mind, IMHO, yes.
– AccidentalFourierTransformMay 15 '17 at 19:15

4

@Oded Honest question: what's the purpose of comment upvotes if they're completely meaningless? Why do they exist? Right now, many users can upvote as many times as they want. Doesn't that destroy the point of them?
– Sir CumferenceMay 15 '17 at 19:25

5

@dmckee I would prefer not to discuss this any further. The system can be abused, that's all there is to it.
– Sir CumferenceMay 15 '17 at 19:32

5

We are trying to explain to you that this "abuse" is minimal and meaningless. This is why we are not taking this seriously - you are yet to show an actual problem here.
– OdedMay 15 '17 at 19:33

6

I really don't get it. Are you people trying to argue that a comment with 40+ upvotes will have the same impact - credibility and visibility-wise - than one with no upvotes at all? That they are to all purposes equivalent? I know that in theory, they should be equivalent. But in practice, do you really think they are?
– AccidentalFourierTransformMay 15 '17 at 20:07

11

So, funny thing about this. The votes themselves are actually deleted. What we don't do, apparently, is update the denormalized Score stored on the comment itself. Regardless of whether or not this is a practical problem, we should probably do that if only for consistency's sake. Having said that, doing so has a caching implication in the API that I'm not sure how to handle off the top of my head (or if it's a real concern - I'm not familiar with that part of the code that much). Gonna have to think about it some.
– Adam Lear♦May 15 '17 at 21:55

7

In the meantime, y'all can demonstrate the severity of this issue by deleting your accounts to repeatedly upvote my comment above. ;)
– Adam Lear♦May 15 '17 at 21:56

3 Answers
3

As I said in the comments, the votes are deleted, but the denormalized Score stored on the comment itself is not updated.

I spent some time looking into a fix and, after further discussion with Nick Craver, I have to be the bearer of bad news here - we can't fix it at this point. Not without spending a lot of effort on setting up special infrastructure to do so.

Here's why. Let's say we wanted to create a daily scheduled task that'd look over the comments and fix up the scores. This presents two common problems: race conditions due to our use of READ UNCOMMITTED and DB table locks due to sheer volume of data and ongoing queries, but let's say we work around the latter with batching and the former self-corrects on the next run...

The next and foremost problem is that the Comments2Votes table that tracks voting didn't always exist. This means that we can't simply look at the current number of recorded votes and update the scores. (This affects about 10,000,000 comments.)

We could try backfilling those "missing" votes, but they can't be mapped to any users that are still around and they'd effectively be a waste of storage for votes that will also never be able to be removed. We're talking millions of rows here.

And even if we were to get around this by excluding comments created before a certain date... first of all, that doesn't entirely help either since votes can be cast long after the comment was posted. Secondly, doing this would up the time for the update queries to run and further increase the chances that we lock up the DB.

So, fine. Why not just "unvote" the comments we know about when a user is deleted? User deletion runs in a transaction. This means we up the odds of hitting race conditions where someone is voting on a comment while a user's being deleted. This puts scores back out of sync and we're arguably worse off than where we started.

To be able to do this properly, we'd need to rework how user deletion works, get around the missing data issues, and queue up these normalizations somewhere where we could work through them without affecting the day-to-day operations on the site. It's a lot of work and a lot of complexity for something that has a minor benefit in the grand scheme of things.

Deleting an account is not a trivial task, so going through that process over and over for any perceived minor benefit would be really difficult to miss — assuming anyone would even bother at all.

Perhaps if there was more benefit to up-voting a comment, it might warrant additional protections. But this is the kind of hypothetical problem you might want to see demonstrated in actual practice before deeming it a problem at all.

inconsequential for you need not be inconsequential for everybody. For some users, comments (and upvotes thereof) are meaningful. Whether this is the official attitude towards comments or not is irrelevant.
– AccidentalFourierTransformMay 15 '17 at 19:32

2

@AccidentalFourierTransform But no social system can be rendered 100% bulletproof, so you have to weigh the cost-benefits of plugging every highly unlikely scenario with a reasonable risk assessment that it will ever cause a problem at all.
– Robert Cartaino♦May 15 '17 at 20:11

5

But there is a significant benefit to upvoting a comment - support in one side of a discussion. This isn't some "minor" or "hypothetical problem" - how do you know it hasn't happened before, first of all? and second, since discussing large changes is one of the best parts of stack exchange it seems like this should be taken a heck of a lot more seriously.
– heatherMay 15 '17 at 20:36

1

@heather what significant benefit is there to a comment with upvotes? I think your putting to much weight in a comment with upvote. A comment is a temporary statement and it getting upvoted means nothing
– RamhoundMay 16 '17 at 3:15

2

@Ramhound, I've heard moderators say that on meta they look at comments to see what is being supported and what isn't, perhaps even more so than upvotes - I'd say that getting a comment upvoted doesn't mean "nothing". Also, I don't know about you, but I generally look at comment upvotes as support for an idea. For example - my comment's got four upvotes, so some people agree with me, but your comment has one, so some people agree with you too. Also, when there are a lot of comments on a post, the SE algorithm sorts by upvote - so clearly upvotes matter.
– heatherMay 16 '17 at 20:41

@heather The votes aren't entirely meaningless, that's true. But you can't read too much into them. Your comment has 4 votes. It's also a few hours older than Ramhound's. Does your comment have 4 times the support or did it just get seen by more people? Both? And I'm willing to bet money that none of the people who upvoted you deleted their accounts to do it again. :) What's identified here is a potential exploit, but not a very probable one, IMO.
– Adam Lear♦May 16 '17 at 22:15

1

@AdamLear, I'm merely responding to the idea that a comment with upvotes has no advantage over a comment without, which I must say is a preposterous idea IMO. As for the probability of it happening - who knows? I don't think we can say that it is high or low probability considering there's no evidence for either side =)
– heatherMay 17 '17 at 2:15

@AdamLear Well, is it likely to be fixed? :)
– Sir CumferenceMay 17 '17 at 18:39

There are ways to see comments with highest score, e.g. with SEDE, so if someone will spot comments with insane score (e.g. 100000), they can report it to the team, they will take a look and if needed punish the one gaming the system. "I was able to do that" is no excuse to game the system.

@AccidentalFourierTransform If you delete your account, as suggested in this question, you can't get the badge anyway (and if you did, it'd be worthless, because the owner of the badge would no longer have an account), so I don't think it's a huge concern.
– Aurora0001May 15 '17 at 19:48

@Aurora0001 they're talking about making others get the badge, from what I understand, which is indeed a concern. (small, but still)
– Shadow The Dragon WizardMay 15 '17 at 19:49

2

That's true... Although I do wonder how many people are dedicated enough to create and delete their account many times to get someone else a silver badge (which ultimately is just a fun, yet meaningless, token). You're right though, I was only thinking of the risk of someone giving themselves a badge.
– Aurora0001May 15 '17 at 19:52